Incremental View Maintenance for Property Graph Queries

This paper discusses the challenges of incremental view maintenance for property graph queries. We select a subset of property graph queries and present an approach that uses nested relational algebra to allow incremental evaluation

Graph-Based CPE Matching for Identification of Vulnerable Asset Configurations

In this manuscript, we propose a graph-based approach for identification of vulnerable asset configurations via Common Platform Enumeration matching. The approach consists of a graph model and insertion procedure that is able to represent and store information about CVE vulnerabilities and different configurations of CPE-classified asset components. These building blocks are accompanied with a search query in Gremlin graph traversal language that is able to find all vulnerable pairs of CVEs and asset configurations in a single traversal, as opposed to a conventional brute-force approach

On the Complexity of Exact Pattern Matching in Graphs: Binary Strings and Bounded Degree

Exact pattern matching in labeled graphs is the problem of searching paths of a graph $G=(V,E)$ that spell the same string as the pattern $P[1..m]$. This basic problem can be found at the heart of more complex operations on variation graphs in computational biology, of query operations in graph databases, and of analysis operations in heterogeneous networks, where the nodes of some paths must match a sequence of labels or types. We describe a simple conditional lower bound that, for any constant $\epsilon>0$, an $O(|E|^{1 - \epsilon} \, m)$-time or an $O(|E| \, m^{1 - \epsilon})$-time algorithm for exact pattern matching on graphs, with node labels and patterns drawn from a binary alphabet, cannot be achieved unless the Strong Exponential Time Hypothesis (SETH) is false. The result holds even if restricted to undirected graphs of maximum degree three or directed acyclic graphs of maximum sum of indegree and outdegree three. Although a conditional lower bound of this kind can be somehow derived from previous results (Backurs and Indyk, FOCS'16), we give a direct reduction from SETH for dissemination purposes, as the result might interest researchers from several areas, such as computational biology, graph database, and graph mining, as mentioned before. Indeed, as approximate pattern matching on graphs can be solved in $O(|E|\,m)$ time, exact and approximate matching are thus equally hard (quadratic time) on graphs under the SETH assumption. In comparison, the same problems restricted to strings have linear time vs quadratic time solutions, respectively, where the latter ones have a matching SETH lower bound on computing the edit distance of two strings (Backurs and Indyk, STOC'15).Comment: Using Lemma 12 and Lemma 13 might to be enough to prove Lemma 14. However, the proof of Lemma 14 is correct if you assume that the graph used in the reduction is a DAG. Hence, since the problem is already quadratic for a DAG and a binary alphabet, it has to be quadratic also for a general graph and a binary alphabe

Analysis of potential errors in technical products by combining knowledge graphs with MBSE approach

Technical products are developed to meet the demands of stakeholders. Therefore, the product's functions and associated properties are important. Various influencing factors e.g., external disturbances can have an impact on the input flows of the products or its characteristics and thus on the functions. If this leads to deviations between the required and as-is functions, these deviations are called errors. It is therefore important to analyze errors in product development and implement measures to increase the robustness of the product. Model-Based Systems Engineering (MBSE) supports the development of complex systems. However, MBSE alone has limited ability to identify in-depth errors. This requires knowledge of possible errors from previous products in specific contexts. For this purpose, the method proposed in this paper facilitates identifying errors in the concept phase by combining MBSE approaches with reusable knowledge (i.e., knowledge graph). The approach is presented using an application example for a mobile robot

A smart building semantic platform to enable data re-use in energy analytics applications: the Data Clearing House

Systems in the built environment continuously emit time series data about resource usage (e.g., energy and water), embedded electrical generation/storage, status of equipment, patterns of building occupancy, and readings from IoT sensors. This presents opportunities for new analytics and supervisory control applications that help reduce greenhouse gas emissions due to energy demand, if the barrier of data heterogeneity can be overcome. Semantic models of buildings -- representing structure, integrated equipment, and the many internal connections -- can help achieve interoperable data re-use by describing overall context, in addition to metadata. In this paper, we describe the Data Clearing House (DCH), a semantic building platform that hosts sensor data, building models, and analytics applications. This fulfills the key phases in the lifecycle of semantic building data, which includes: cost-effective ingestion of Building Management System (BMS), IoT, metering and meteorological time series data from a wide range of open and proprietary systems; importing and validating semantic models of sites and buildings using the Brick Schema; interacting with a discovery API via a high-level domain-specific query language; and deploying applications to modelled buildings. Having onboarded multiple buildings belonging to our own organisation and external partners, we are able to comment on the challenges to success of this approach. As an example use-case of the semantic building platform, we describe a measurement and verification (M&V) application implementing the 'whole facility' (Option C) method of the International Performance Measurement and Verification Protocol (IPMVP) for evaluating electrical metering data. This compares energy consumption between nominated baseline and analysis time periods, to quantify the energy savings achieved after implementing an intervention on a site.Comment: 13 pages, 4 figures. Accepted for presentation at Climate Smart Engineering 2023 (CSE23

Representing LLVM-IR in a Code Property Graph

In the past years, a number of static application security testing tools have been proposed which make use of so-called code property graphs, a graph model which keeps rich information about the source code while enabling its user to write language-agnostic analyses. However, they suffer from several shortcomings. They work mostly on source code and exclude the analysis of third-party dependencies if they are only available as compiled binaries. Furthermore, they are limited in their analysis to whether an individual programming language is supported or not. While often support for well-established languages such as C/C++ or Java is included, languages that are still heavily evolving, such as Rust, are not considered because of the constant changes in the language design. To overcome these limitations, we extend an open source implementation of a code property graph to support LLVM-IR which can be used as output by many compilers and binary lifters. In this paper, we discuss how we address challenges that arise when mapping concepts of an intermediate representation to a CPG. At the same time, we optimize the resulting graph to be minimal and close to the representation of equivalent source code. Our evaluation indicates that existing analyses can be reused without modifications and that the performance requirements are comparable to operating on source code. This makes the approach suitable for an analysis of large-scale projects